133,000+ Vulnerable FortiOS/FortiProxy Instances: Exploitation Started

A critical security vulnerability has been identified in Fortinet's FortiOS and FortiProxy, potentially affecting over 133,000 devices worldwide. The flaw, tracked as CVE-2024-21762, is an out-of-bounds write vulnerability that could allow a remote, unauthenticated attacker...
Pentagon Received 50,000+ Vulnerability Reports Since November 2016

The Department of Defense (DoD) Cyber Crime Center (DC3) recently announced a significant milestone in its cybersecurity efforts. The processing of over 50,000 vulnerability reports since the inception of its Vulnerability Disclosure Program (VDP) in...
Cisco Completes Acquisition of Splunk for $28 Billion

Networking Giant Cisco Finalizes Splunk Acquisition in Landmark $28 Billion Deal

Cisco has officially completed its acquisition of Splunk for a staggering $28 billion. This strategic acquisition marks a milestone in Cisco's journey. It promises to revolutionize how organizations leverage data to connect and protect...
LockBit Ransomware is Back From the Dead: Is Your SOC/DFIR Team Prepared?

Law enforcement disrupted LockBit ransomware operations in February, seizing infrastructure and their website. Regretfully, the victory appears to have been temporary. The gang's leading members were not detained, and Operation Cronos's defeat was only...
Zoom Vulnerability Privilege Escalation

Critical Zoom Clients Flaw Let Attackers Escalate Privileges

A vulnerability classified as improper input validation was found in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows that could potentially allow an authenticated attacker to...
What is CNAPP? How It Benefits for Multi-Cloud & Hybrid Infrastructure Protection

Multi-cloud and hybrid infrastructures are becoming the norm among enterprises nowadays. Around 9 in 10 companies use a multi-cloud strategy, while 8 in 10 adopt a hybrid. This is not surprising, given the many...
Chinese Hackers Backdooring Digital Locks To Steal Sensitive Data

Chinese Attackers Hack American Businesses Digital Locks To Steal Sensitive Data

United States Senator Ron Wyden warned and notified the Director of the National Counterintelligence and Security Center (NCSC), Michael C. Casey, that Chinese hackers are actively backdooring digital locks to steal sensitive data. As a...
Google Chrome To Roll Out Real-Time Phishing Protection

Google Chrome To Roll Out Real-Time URL Protection For Malware & Phishing Attack

Google Chrome has been protecting users from malicious websites and files with Safe Browsing, which maintains a locally-stored list updated every 30-60 minutes. It is becoming insufficient as unsafe sites can emerge and disappear within...
How to Set Up a Network Research Laboratory for Malware Analysis

How to Set Up a Network Research Laboratory for Malware Analysis (SOC & DFIR...

To analyze a security vulnerability (CVE-2024-21413) in Outlook, a controlled environment can be set up using a virtual machine (ANY.RUN) within a local virtual private network (VPN). Researchers can learn more about the exploit by...
Hackers Deliver FakeBat Malware via MSIX Installer Files

Cybercriminals have been distributing a new strain of malware, dubbed FakeBat, by exploiting the trust in MSIX installer files. This alarming trend has raised concerns as it involves masquerading as legitimate software applications, including popular...
